See: https://zeustracker.abuse.ch/monitor.php?host=94.242.216.38 with Citadel, see: https://www.virustotal.com/nl/file/90552de9c51651d4d07515ec0f3576c35e759a334f7621587eb0deef2e61fba2/analysis/
This one also missed see here: https://www.virustotal.com/nl/file/bb31f3373444714d6034d0ed366dbc10310b2c650b6d880716365c58c6e2a7f4/analysis/
Orexol Yxeri Qyzoh file
malware UPX 2.93 [LZMA] packed…being this file: http://www.isthisfilesafe.com/sha1/8BF89E34E2A1EB870D35ED9663DBA5BB0EFC6A01_details.aspx
http://www.istdiesedateisicher.de/sha1/8BF89E34E2A1EB870D35ED9663DBA5BB0EFC6A01_details.aspx
also detected as somoto adware: https://www.virustotal.com/nl/file/d2a2395339b643b89e4c1c423d7bbaa84aa174716fa6fdf7678803c3966b33f9/analysis/
polonus